"Corona case" is a deceptive email designed to trick users into installing TrickBot malware. The message exploits the current social climate (i.e., the coranvirus pandemic). It claims that the attached document contains urgent information concerning the pandemic and recipients are tricked into ope
There are a number of variants of the Coronavirus spam campaign. Cyber criminals use it to deceive recipients into infecting their computers with malicious programs such as Agent Tesla, Emotet, LokiBot, Remcos, TrickBot, FormBook, Ave Maria, LimeRAT, CrimsonRAT, and other high-risk malware. They
Discovered by PeterM, ProLock is a rebranded version of PwndLocker ransomware. This ransomware encrypts files with the RSA-2048 algorithm, modifies filenames and creates a ransom message. ProLock appends the ".proLock" extension to the filenames of all encrypted files. Research shows that it appe
Discovered by S!Ri, Velar is malicious software categorized as ransomware. It is designed to encrypt data and demand payment for decryption. When this ransomware encrypts, all affected files are appended with the ".Velar" extension. Therefore, following encryption, a file such as "1.jpg" would ap
Hack For Life belongs to the Ouroboros ransomware family. Like most programs of this type, it encrypts files with a strong encryption algorithm, renames all encrypted files and provides victims with instructions about what they must do next. Hack For Life encrypts files with a combination of AES-
Gate belongs to the Dharma ransomware family and is designed to encrypt files, modify their filenames and provide victims with instructions about how to contact the developers (plus some other details). Gate renames encrypted files by adding the victim's ID, lockhelp@qq.com email address and appen
Discovered by Jakub Kroustek, LX is malicious software belonging to the Crisis/Dharma ransomware family. It operates by encrypting the data of infected systems and demands payment for decryption tools/software. When this malware encrypts, all affected files are renamed according to this pattern:
Cranchit is a browser hijacker endorsed as a tool to improve web searches. In fact, it operates by modifying browser settings to promote feed.cranchit.com (a fake search engine). Furthermore, it has data tracking capabilities, which are employed to monitor users' browsing activity. Due to its dub
ArkeiStealer (also known as Arkei Stealer) is a type of malware that steals sensitive, confidential information, which cyber criminals can then use to generate revenue. Research shows that ArkeiStealer is capable of stealing login credentials and cryptocurrency wallet keys. Through accessing such
Discovered by dnwls0719, Banta is yet another high-risk ransomware infection from the Phobos malware family. After successful infiltration, Banta encrypts most stored files, thereby rendering them unusable. During encryption, Banta also appends each filename with the victim's unique ID, developer'